Help! - spyware removal

  • Thread starter Thread starter Leon
  • Start date Start date
L

Leon

Hi,
I appear to be constantly removing spyware from my
syustem, the most typical is called "Doubleclick" whenever
I remove it after 5-10 minutes of browsing it reappears
and I have no idea how to prevent it from self installing
onto my pc.
I understand from its manufacturer that I can install a
cookie which will prevent it from installing or sending
any data onto the net but frankly I dont see why I should
install software I dont want.

How do I enable my system to reject all spyware as it
presents itself????

Thanks for any assistance provided!
 
get lavasoft adaware. there stuff is not only great, but
FREE!! they are professionals, and if it sounds
suspicious, dont be. they are a software company from
sweden, that gives out free adaware to non-commercial
users, and an improved version can be purchased (hence
its free-ness). works great! go to www.lavasoftusa.com,
for the us website.
 
Hi Leon - If you want to take steps to defend your machine, there are a
number of things which need to be considered. I would suggest the
following:

The minimum necessary to start with are a good hardware or software firewall
and an AV.

For the general hijack case, the best way to start is to get Ad-Aware 6.0,
Build 181 or later, here: http://www.lavasoftusa.com/support/download/.
Update and run this regularly to get rid of most "spyware/hijackware" on
your machine. If it has to fix things, be sure to re-boot and rerun
AdAware again and repeat this cycle until you get a clean scan. The reason
is that it may have to remove things which are currently "in use" before it
can then clean up others.

Another excellent program for this purpose is SpyBot Search and Destroy
available here: http://security.kolla.de/ SpyBot Support Forum here:
http://www.net-integration.net/cgi-bin/forums/ikonboard.cgi. I recommend
using both normally. After fixing things with SpyBot S&D, be sure to
re-boot and rerun SpyBot again and repeat this cycle until you get a clean
"no red" scan. The reason is that SpyBot sometimes has to remove things
which are currently "in use" before it can then clean up others.


Note that sometimes you need to make a judgement call about what these
programs report as spyware. See here, for example:
http://www.imilly.com/alexa.htm


Next, courtesy of Mike Burgess:

"--Recommended Minimum Security Settings--

Close all instances of IE and OE
Control Panel | Internet Options

Click on the "Security" tab
Highlight the "Internet" icon, click "Custom Level"

1) "Download signed ActiveX scripts" = Prompt
2) "Download unsigned ActiveX scripts = Disable
3) "Initialize and script ActiveX not marked as safe" = Disable
4) "Installation of Desktop items" = Prompt
5) "Launching programs and files in a IFRAME" = Prompt

Click on the "Content" tab
Click the "Publishers" button

Highlight and click "Remove" any unknowns, click Ok

Click on the "Advanced" tab
Uncheck: "Install on demand (other)", click Apply\Ok

Prevent your "HomePage" setting from being Hijacked
http://www.mvps.org/winhelp2002/ietips.htm
_____________________________
Mike Burgess
Information isn't free if you can't find it!
http://www.mvps.org/winhelp2002/"


Note the Publisher setting - this vector is often overlooked.


Then, from me:

You might want to consider installing the Browser Hijack Blaster,
SpywareBlaster and SpywareGuard here to help prevent this kind of thing from
happening in the future:
http://www.wilderssecurity.com/bhblaster.html (Prevents malware BHO's)
http://www.wilderssecurity.com/spywareblaster.html (Prevents malware Active
X installs) (BTW, SpyWare Blaster is not memory resident ... no CPU or
memory load - but keep it updated) The latest version as of this writing
will prevent installation or prevent the malware from running (887 parasites
as of this date) if it is already installed, and it provides information and
fixit-links for a variety of parasites.
http://www.wilderssecurity.net/spywareguard.html (Monitors for attempts
to install malware) All three Very Highly Recommended.


Lastly, with regards to cookies: Courtesy of Mel's Spyware Tools, here:
http://homepage.cooketech.net/~cybermel/Mel's Spyware Tools and Ad Blockers.html

XML-Menu for IE6 - (http://www.staff.uiuc.edu/~ehowes/main.htm, click on IE6
Tools on website) "This package contains a full menu of custom Import XML
files that can be used to manipulate IE6's handling of cookies in the
Internet and Trusted zones (the Privacy tab controls only the Internet
zone). The files are divided into three sets: one "short list" of
recommended files, and two "advanced" lists containing a wide range of
possible Privacy configurations. The ReadMe covers the basics of using
custom XML Import files and details all the files that are available. A
..REG file that can be used to restore the default Privacy tab settings is
included."

This is the technique that I use and, while I do sometimes have to override,
I've found it almost infallible in stopping bad cookies (I use 1-e, BTW)
FWIW, Eric Howes site, above, is one of the very best on the net with regard
to anything having to do with security. Highly Recommended.

See if any of this helps

--
Please respond in the same thread.
Regards, Jim Byrd, MS-MVP



In
 
Just a followup to my previous post on this subject - It's better to just
install SpywareBlaster and SpywareGuard and not include
SpywareHijackBlaster.. SpywareHijack has been shown to sometimes interfere
with SpywareGuard, and Guard does all of its functiolns plus more
 
Thanks for the tip Joe
I'm a little worried about the number of items found on my
first scan but I'll reserve judgement until my web age
stops resetting!!!

Thanks for the halp!
Leon
 
Thanks for the tip Jim
I've loaded a product recommended by another called spybot
but I'm keeping your email on file for another attempt
should this one fail.

I'm a little worried about the number of items found on my
first scan but I'll reserve judgement until my web age
stops resetting!!!

Thanks for the help!
Leon
 
I am not sure what you mean by, "I'll reserve judgment until my web (p)age
stops resetting!!!".

Does this mean you did not remove the spyware/adware Spybot found? When you
remove it, it's backed-up in Spybot's Recovery directory. You can leave it
there for a few days or longer, just to make sure you don't have problems
with your computer.

After you remove the spyware/adware, use Spybot's Immunize feature to keep
it out.

Joe
 
Leon,

I have had a similar problem - and although I have Ad-aware this does not
stop your PC accumulating the "spyware" cookies.

I have found even common "banner ware" sites like MSN are the culprits - if
you access this it loads doubleclick and admnt - all these sites seem to
accumulate cookies for "3rd party" sites.

I have played with the Internet settings - and assuming you have IE6
(otherwise why are you reporting it to this group!) there is I think a cure
all:
1) In IE6 - "Tools" then "Internet Options..."
2) Select the "Privacy" tab
3) IGNORE the so called "simple" slider "Settings" - even on Max doubleclick
will get through because it has a published "privacy policy" [so that's OK
then - NOT!!!]
4) What you want to do is press the "Advanced..." button!
5) I have the following settings which seem to work on the "Advanced Privacy
Settings" screen:
[Ticked] Override automatic cookie handling (YES PLEASE!)
First Party Cookies - Prompt [SELECTED] (This may be a bit of a pain as you
will have to "authorise" new sites that use their own cookies - but worth it
as YOU (as opposed to Microsoft) ARE IN CONTROL)
[TICKED] Always allow server cookies (This mitigates the previous settings
as if you use online banking/amazon/etc. it will remove the need to
authorise the "session cookies" that keep your logon alive)

And the piece de la resistance...
6) Third Party Cookies - Blocked [SELECTED] (Goodbye doubleclick et al...
and good riddance... hello saved diskspace and faster browsing and freedom
from cookie privacy scares)
7) Don't forget to click [OK] then [OK] and restart the browser

After doing this you should clean up your cache (you know how - or use
Ad-aware) and then peek in "View Files..." a week later and see if you can
spot the difference!

Better still - watch out for the "Eye"+"No Entry" icon in the browser and
doubleclick - then proceed to rub your hands in glee at the list of bounced
cookie requests!

Regards,
Kevin
 
Hi Kevin - Just an FYI that you may be interested in about a more
sophisticated approach to cookie control.

Courtesy of Mel's Spyware Tools, here:
http://homepage.cooketech.net/~cybermel/Mel's Spyware Tools and Ad Blockers.html

XML-Menu for IE6 - (http://www.staff.uiuc.edu/~ehowes/main.htm, click on IE6
Tools on website) "This package contains a full menu of custom Import XML
files that can be used to manipulate IE6's handling of cookies in the
Internet and Trusted zones (the Privacy tab controls only the Internet
zone). The files are divided into three sets: one "short list" of
recommended files, and two "advanced" lists containing a wide range of
possible Privacy configurations. The ReadMe covers the basics of using
custom XML Import files and details all the files that are available. A
..REG file that can be used to restore the default Privacy tab settings is
included."

(I use 1-e, BTW, and have for several years, and I just don't have any
problems. I do occasionally have to override it for some sites that I need
to go to that don't have a Privacy Policy)


--
Please respond in the same thread.
Regards, Jim Byrd, MS-MVP



In
Kevin.S said:
Leon,

I have had a similar problem - and although I have Ad-aware this does not
stop your PC accumulating the "spyware" cookies.

I have found even common "banner ware" sites like MSN are the culprits - if
you access this it loads doubleclick and admnt - all these sites seem to
accumulate cookies for "3rd party" sites.

I have played with the Internet settings - and assuming you have IE6
(otherwise why are you reporting it to this group!) there is I think a cure
all:
1) In IE6 - "Tools" then "Internet Options..."
2) Select the "Privacy" tab
3) IGNORE the so called "simple" slider "Settings" - even on Max doubleclick
will get through because it has a published "privacy policy" [so that's OK
then - NOT!!!]
4) What you want to do is press the "Advanced..." button!
5) I have the following settings which seem to work on the "Advanced Privacy
Settings" screen:
[Ticked] Override automatic cookie handling (YES PLEASE!)
First Party Cookies - Prompt [SELECTED] (This may be a bit of a pain as you
will have to "authorise" new sites that use their own cookies - but worth it
as YOU (as opposed to Microsoft) ARE IN CONTROL)
[TICKED] Always allow server cookies (This mitigates the previous settings
as if you use online banking/amazon/etc. it will remove the need to
authorise the "session cookies" that keep your logon alive)

And the piece de la resistance...
6) Third Party Cookies - Blocked [SELECTED] (Goodbye doubleclick et al...
and good riddance... hello saved diskspace and faster browsing and freedom
from cookie privacy scares)
7) Don't forget to click [OK] then [OK] and restart the browser

After doing this you should clean up your cache (you know how - or use
Ad-aware) and then peek in "View Files..." a week later and see if you can
spot the difference!

Better still - watch out for the "Eye"+"No Entry" icon in the browser and
doubleclick - then proceed to rub your hands in glee at the list of bounced
cookie requests!

Regards,
Kevin


Leon said:
Hi,
I appear to be constantly removing spyware from my
syustem, the most typical is called "Doubleclick" whenever
I remove it after 5-10 minutes of browsing it reappears
and I have no idea how to prevent it from self installing
onto my pc.
I understand from its manufacturer that I can install a
cookie which will prevent it from installing or sending
any data onto the net but frankly I dont see why I should
install software I dont want.

How do I enable my system to reject all spyware as it
presents itself????

Thanks for any assistance provided!
Click to expand...
Click to expand...
 
Back
Top